Editing a protocol filter

Use the Policy Management > Filters > Edit Protocol Filter page to make changes to existing protocol filters.

Important:

Changes that you make here affect all policies that enforce this filter.

Policies that enforce a protocol filter with the same name in another delegated administration role are not affected.

The filter name and description appear at the top of the page.

  • Click Rename to change the filter name.
  • Simply type in the Description field to change the filter description.

The number next to Policies using this filter shows how many policies currently use the selected filter. If the protocol filter is active, click View Policies for a list of policies that enforce the filter.

The bottom portion of the page shows a list of protocols and the actions currently applied to each.

To change the way that protocols are filtered and logged:

Steps

  1. Select a protocol in the Protocols list. Advanced actions for the selected protocol appear to the right of the list.
  2. Use the Permit and Block buttons at the bottom of the Protocols list to change the action applied to the selected protocol.
    Note:

    Web protection software can block TCP-based protocol requests, but not UDP-based protocol requests.

    Some applications use both TCP- and UDP-based messages. If an application’s original network request is made via TCP, and then subsequent data is sent using UDP, web protection software blocks the initial TCP request and thus blocks subsequent UDP traffic.

    UDP requests may be logged as blocked, even when they are permitted.

    To apply the same action to the other protocols in the selected protocol group, click Apply to Group.

  3. If you want information about use of the selected protocol available for alerting or reporting, mark the Log protocol data check box.
  4. To impose bandwidth limits on the use of this protocol, click Block with Bandwidth Optimizer, and then supply the bandwidth thresholds to use. See Using Bandwidth Optimizer to manage bandwidth, for more information.
  5. After editing the filter, click OK to cache your changes and return to the Filters page. Changes are not implemented until you click Save and Deploy.

Next steps

To activate a new protocol filter, add it to a policy and apply the policy to clients (see Web Protection Policies).
Note: You can create policies that start enforcing a protocol filter at a specific time. If users initiate a protocol session before that filter goes into effect, they can continue to access the protocol, even if the filter blocks it, for as long as the session continues. Once a user terminates the session, additional requests for the protocol are blocked.